Microsoft Offers Reward for Information on Rustock

Last month, I shared with you that the Rustock botnet has remained inactive since Microsoft and its partners took it offline on March 16th.

Today, we take our pursuit a step further. After publishing notices in two Russian newspapers last month to notify the Rustock operators of the civil lawsuit, we decided to augment our civil discovery efforts to identify those responsible for controlling the notorious Rustock botnet by issuing a monetary reward in the amount of $250,000 for new information that results in the identification, arrest and criminal conviction of such individual(s).

This reward offer stems from Microsoft’s recognition that the Rustock botnet is responsible for a number of criminal activities and serves to underscore our commitment to tracking down those behind it. While the primary goal for our legal and technical operation has been to stop and disrupt the threat that Rustock has posed for everyone affected by it, we also believe the Rustock bot-herders should be held accountable for their actions.

The legal action Microsoft has taken in civil court has already been successful, helping us take down the Rustock botnet and disrupt its operations. Rustock was notorious as a spam giant, with a capacity for sending 30 billion spam mails every day. It was responsible for a number of other crimes as well, including advertising counterfeit or unapproved versions of pharmaceuticals, and violating the trademarks of the pharmaceutical manufacturer Pfizer and Microsoft. Additionally, although the Rustock botnet infection base has been cut in half in the short time since the takedown, there are still hundreds of thousands of infected computers around the world yet to be cleaned of the botnet malware.

Microsoft has already been gathering strong evidence in our ongoing investigation and this reward aims to take that effort a step further. We will continue to follow this case wherever it leads us and remain committed to working with our partners around the world to help people regain control of their Rustock-infected computers. (For free information and resources to clean your computer, visit support.microsoft.com/botnets.)

More information about the reward can be found in the reward document posted alongside this blog, which is also available at noticeofpleadings.com. Note: The total maximum amount eligible for reward is $250,000.00 (USD value). Residents of any country are eligible for the reward pursuant to the laws of that country, because the Rustock botnet affected the Internet community worldwide. Anyone with information on the Rustock botnet or its operators should contact Microsoft at avreward@microsoft.com.

We will continue to provide updates as the Rustock investigation, civil case and cleanup effort progresses. You can also follow the Microsoft Digital Crimes Unit on Facebook and Twitter.